Jon Heese's Tech Bloghttp://blog.jonheese.com
Various IT Hacks & TipsFri, 28 Jan 2011 18:38:11 +0000en-UShourly1https://wordpress.org/?v=4.7.2Outlook 2003 compose window freezing on Sendhttp://blog.jonheese.com/2010/09/27/outlook-2003-compose-window-freezing-on-send
http://blog.jonheese.com/2010/09/27/outlook-2003-compose-window-freezing-on-send#respondMon, 27 Sep 2010 22:34:38 +0000http://blog.jonheese.com/?p=61Today I had a client using Outlook 2003 SP3 who was having the following symptom: When she composed a new e-mail in Outlook, she’d hit the “Send” button, and the window would turn white and block for 5-30 seconds, and then finally disappear and the program behavior would return to normal.

I tried a new Outlook profile, ensured that Outlook was up-to-date with service packs, tried turning on and off Word as e-mail editor, but nothing changed the behavior.

Eventually I tried disabling her e-mail signature, and the problem disappeared.

Well, it turned out, there were two images in her signature, company logos, that were being loaded from a couple different web servers out on the web, and depending on the day or time of day, one or both of the servers being referenced for the images were getting bogged down, and thus had high latency times downloading these <100KB images.

So every time she sent an e-mail, Outlook was going out to the web and retrieving these two images, which sometimes took up to 30 seconds to get, and then embedding the raw JPEG/GIF data into the e-mail to send it out. Of course, since the developers of Outlook apparently never imagined a case when this process would take more than an instant, Outlook blocked on these retrieval threads and locked up until the images could be retrieved (or time out, whichever came first).

The fix was disgustingly simple: Download the images manually to a local storage location (in this case, Docs share on the local SBS machine) and modify her signature to pull the images from there instead of the web location. Presto! Problem solved.

Cause: This error can occur If certain VSS DLLs are not registered properly, or if something
is wrong with the VSS provider. This issue is often associated with the installation of new hard drives, especially when deploying previously-created hard drive images to them.

Resolution:

Apply the latest VSS package (KB940349) on the server from Microsoft here, and reboot the server.

Re-register the VSS related DLLs by running the following commands (a batch file would probably be a good idea here):

Reboot the system, and the “VOLUME” key will be recreated, hopefully fixing the issue.

]]>http://blog.jonheese.com/2010/09/13/windows-server-volume-shadow-copy-not-working/feed0Windows endless loop of CHKDSKhttp://blog.jonheese.com/2010/09/13/windows-endless-loop-of-chkdsk
http://blog.jonheese.com/2010/09/13/windows-endless-loop-of-chkdsk#respondMon, 13 Sep 2010 22:20:19 +0000http://blog.jonheese.com/?p=30Symptom: You schedule a chkdsk before rebooting a Windows machine (can be Windows XP or any flavor of Server 2003, possibly others as well) it appears to run through the chkdsk successfully, then reboots again and continues the cycle, continuously running chkdsks on startup, but never getting up to Windows. Sometimes the Windows splash screen shows, sometimes not.

Power down and cold boot doesn’t change the behavior. Attempting to boot into Safe Mode also fails with the same behavior.

Cause: Unknown, but probably due to a failing chkdsk operation not removing the BootExecute reg value.

After entering the correct data, you MUST unload the Hive. To do so, select MyHive branch, and then in the File menu, choose Unload Hive. It’s important to note that you’ll need to select the MyHive branch first, before unloading it.

Quit BartPE and restart Windows. The machine should now boot up normally, skipping the chkdsk.

]]>http://blog.jonheese.com/2010/09/13/windows-endless-loop-of-chkdsk/feed010 Things You Should Never Do on a Consulting Jobhttp://blog.jonheese.com/2010/09/13/10-things-you-should-never-do-on-a-consulting-job
http://blog.jonheese.com/2010/09/13/10-things-you-should-never-do-on-a-consulting-job#respondMon, 13 Sep 2010 21:57:52 +0000http://blog.jonheese.com/?p=26I thought this was an interesting read. Some of these things are no-brainers, others are things we all do at times, especially #1…http://blogs.techrepublic.com.com/10things/?p=1290&tag=nl.e101
]]>http://blog.jonheese.com/2010/09/13/10-things-you-should-never-do-on-a-consulting-job/feed0Recent BSOD caused by being too updated?http://blog.jonheese.com/2010/09/13/recent-bsod-caused-by-being-too-updated
http://blog.jonheese.com/2010/09/13/recent-bsod-caused-by-being-too-updated#respondMon, 13 Sep 2010 21:56:34 +0000http://blog.jonheese.com/?p=24From article on eWeek.com here:

Microsoft is investigating reports that users are experiencing the infamous “Blue Screen of Death” after installing one of Microsoft’s Patch Tuesday security updates.

According to Microsoft, the problem appears to be related to MS10-015, but the company has not determined if the problem is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. The bulletin addresses two Windows Kernel privilege escalation bugs, and was among 13 issued Feb. 9 to plug a total of 26 security holes.

IMO, the forum post they link with the “fix” procedure is overkill. It makes you uninstall all of that week’s updates when the only problematic one is KB977165.

The procedure really should be:

Boot from your Windows XP CD or DVD and start the recovery console

Once you are in the Repair Screen..

Type this command: CHDIR $NtUninstallKB9777165 $\spuninst

Type this command: BATCH spuninst.txt

Type this command: systemroot

When complete, type this command: exit

Your computer should restart and everything should be back to normal.

Update: It’s now been discovered that the root cause of this issue was actually a rootkit that conflicted with the update in question:

Hackers behind the rootkit responsible for crippling Windows machines after users installed a Microsoft security patch have updated their malware so that it no longer crashes systems, researchers confirmed today.

The rootkit, known by a variety of names — including TDSS, Tidserv and TDL3 — was blamed by Microsoft last Friday for causing Windows XP PCs to crash after users applied the MS10-015 security update, one of 13 Microsoft issued a week ago.

So, if you applied the fix I prescribed above and it fixed your BSOD, you’ve still (probably) got a rootkit on your machine, and you just fixed the symptom, NOT THE TRUE ISSUE!

And if you never got a BSOD from this update (heh, why are you reading this?), you may still be infected, if your rootkit was updated before your installed the Windows Update. Clear as mud?

]]>http://blog.jonheese.com/2010/09/13/recent-bsod-caused-by-being-too-updated/feed0Outlook 2007 SP2 bug: “Not enough memory to continue”http://blog.jonheese.com/2010/09/13/outlook-2007-sp2-bug-not-enough-memory-to-continue
http://blog.jonheese.com/2010/09/13/outlook-2007-sp2-bug-not-enough-memory-to-continue#respondMon, 13 Sep 2010 21:51:19 +0000http://blog.jonheese.com/?p=21Symptom: Outlook 2007 prompts about not enough memory to continue and stops loading. The user can see email already in place, but can’t do anything. PST files partly load and folders may be missing. The big sign is the memory error.

Cause: After a month of working this issue with Microsoft, they have confirmed a bug caused by the 2007 office sp2 update. So while we await MSO12 SP3, here is the workaround they’ve given me. The only catch is that you will disable the email tracking feature within BCM.

Resolution: Close Outlook, then add a new registry value, type DWORD, named “EnableEAA”=”0” to the following reg key: HKEY_CURRENT_USER > Software > Microsoft > Business Solution eCRM. Re-open Outlook and all should function as normal.

]]>http://blog.jonheese.com/2010/09/13/outlook-2007-sp2-bug-not-enough-memory-to-continue/feed0Quickbooks discontinuation of serviceshttp://blog.jonheese.com/2010/09/13/quickbooks-discontinuation-of-services
http://blog.jonheese.com/2010/09/13/quickbooks-discontinuation-of-services#respondMon, 13 Sep 2010 21:43:46 +0000http://blog.jonheese.com/?p=19According to a post on Intuit’s site (here) will no longer be supporting versions of Quickbooks older than 2008.

Starting April 30, 2010, “extra features” in 2007/7.0 and older versions of Quickbooks will stop working, forcing users who want to use those features to upgrade to 2010/10.0. This includes payroll and other optional services Intuit provides with some versions of Quickbooks.

It uses a “repeater” as the static component, so as a technician you don’t even need to be in the same place each time; the client connects to the repeater, and so do you. No more static IPs and port forwarding necessary for the technician, just the one repeater machine.

I’ve tested this and my company now has a working version hosted on our website, here:

http://support.st-aubin.com

It works well on XP, Vista, and Windows 7, and although I haven’t actually tested it (since we have so few occasions), I’m sure it works perfectly on Win9x and Win2k as well. No need for the Mac client yet, but it’s ready if/when we need it, as this is our only Mac-compatible remote support at this time.

“Setup has detected that the Service Pack version of this system is newer than the update you are applying. There is no need to install this update.”

Unfortunately, this may or may not actually be accurate, as the LLTD update is not always installed on computers with XP SP3. As far as I can tell, this is a known bug in SP3, and MS has been slow to release a LLTD update specifically for SP3. In the meantime, here’s how to force the LLTD update to run on SP3:

5. Now type in “LLTD.exe -x:c:\LLTD” (again, minus quotes). This will extract all the files in to a new folder called c:\LLTD.

6. Open that folder with an Explorer window, and there will be another folder inside it called “SP2QFE”. Open that, find the file named “rspndr.sys”, and copy it inside your c:\Windows\system32\drivers directory.

7. Also in the “SP2QFE” folder, find the “rspndr.exe” and copy it inside your c:\Windows\System32 directory.